The Bankwatch

Tracking the consumer evolution of financial services

IBM makes pilot security devices available for financial institutions to trial

IBM come out with an innovative security measure that actually makes sense.  It makes far more sense than the two factor authentication tokens many banks have been wasting their time with. 

It also sounds like it requires no work on the FI end – so its a no brainer to trial this one!

IBM unveils USB stick to fight online banking fraud | Finextra

IBM has unveiled a prototype USB stick designed to secure online banking transactions against malware and man-in-the-middle attacks.

The Zone Trusted Information Channel (ZTIC) plugs into the USB port of any computer to add an extra layer of security on top of existing authentication systems like smart cards, PINs and one-time validation codes.

This device in simple terms bypasses your PC and goes straight out over a secure connection to your bank. 

What the user sees on the ZTIC display is identical to what the server "sees".

In addition it can be supplemented by a smart card log in.

Relevance to Bankwatch:

Kudos to IBM for this.  The two factor tokens to date are not protection against all possible attacks, including man-in-the-middle in particular.  While I have always felt consumers would balk at an additional device, that view was qualified by the limited benefit. 

If in fact a device exists that guarantees security, then that is completely different story.

Views in support or to the contrary welcomed.  This is an important topic for ecommerce, and for online banking.

Written by Colin Henderson

October 29, 2008 at 23:33

One Response

Subscribe to comments with RSS.

  1. The only “problem” with this is that most large corporates these days disable the use of USB and other drives for PCs in the workplace along with external email access.

    Therefore, the IBM solution would not allow customers to do Interent banking at their place of work which to me anyway, shows that device independant security will always be a better option for both the customer and the Bank.

    Peter Brooks

    October 30, 2008 at 03:19

Comments are closed.

%d bloggers like this: